Here is a very brief video demo of Creatr, our new Patreon-style relay + file host for creators. Lots more to come and many other features to share, but wanted to get something out so you can see how it works with a nostr client and browser extension.
Discussion
Baller
Question: it only work from a web client like Snort?
The relay works on ANY client that supports NIP-42 client authentication. The ones I know off the top of my head are Amethyst, Snort, Coracle, and Satellite (although not sure if you can set your own relays there yet).
And Current!
If I watch a video via Amethyst, then my IP is remembered so I can watch it from a web browser if eg. There was a bug in the client?
Literally this video stopped half way on my client and I had to load it on the browser to see the full video.
Second question, does this mean all people in my home network are now permitted to see the video? If I visit via VPN, all people using the same exit node can access this video?
Thanks in advance. This project is super cool. š„
Great questions! The IP whitelisting is short lived and only happens after you connect to our relay. You should have no issues moving the content links directly to the browser.
Yes, all the people on your IP would have access to the content you have unlocked but they would still need the links or access to the content on the relay to get them. If you shared the content links with them, they would have access to it.
We hope to move away from IPs all together and use NIP-98 instead (signed nostr event in the header of the content link request) but it does not have much adoption at this time. Soon, we hope!
nostr:npub1kr5vqlelt8l47s2z0l47z4myqg897m04vrnaqks3emwryca3al7sv83ry3 I'll be the first to subscribe if you're inš
ok. I am ready to try this on with Current App..!
nostr:npub1xtscya34g58tk0z605fvr788k263gsu6cy9x0mhnm87echrgufzsevkk5s nostr:npub1h50pnxqw9jg7dhr906fvy4mze2yzawf895jhnc3p7qmljdugm6gsrurqev how hard/long will it be to make Damus work with Mazins new relay?
Cool
Absolutely freaking amazing work. š
This is really cool. Isnāt using a single relay for content like that just the same as having a centralized database?
Yes, with the advantage that it is interoperable with the existing protocol. Our goal with this product is nostr client and social graph interoperability, not decentralization.
There are centralization tradeoffs for access controlled content. If it needs to be spread on many relays, it needs to be encrypted. If itās encrypted you need a key delivery mechanism tied to a recurring payment, either by a centralized entity or an always online user. You also need a way to modify/revoke future access to the now decrypted notes. The media/files also have to be uploaded somewhere that will access control the files and allow you to update which pubkeys have access and when.
Iām sure smarter folks than myself will figure all these things out but for now we built a relay that does the heavy lifting and works out of the box with most nostr clients.
Cool. Thanks for the explanation. Tradeoffs inherent, as always. Iāll be interested to see how it goes.
I am exploring the idea of nostr in business contexts. Even if posts default to a business private relay e.g for employees only, there is still lots of value add in the interop, data/acc portability, app ecosystem, etc. I am super pumped about this. Your relay/ NIP-42 should unlock many use cases here.
Thank you! We will eventually offer a relay-as-a-service offering that allows easily configurable AUTH for read access along with existing write control tools.
I love it. I can see the market for it. I see "xyz for Nostr" directly attacking every business SaaS and winning. There's absolutely a market here, and the unique value that Nostr provides is not just going to catch them sleeping, it will be unassailable. Incumbents cannot directly compete on interoperability without destroying their own moats. I'm here for it!
Is your relay completely custom? Or is there an existing relay implementation which restricts read access to authorized users in the way that you've demonstrated? I'm looking at nip 42 implementations and finding that they usually about restricting write access rather than read access. Or maybe I've misunderstood. I would truly appreciate your input!
All of our NIP-42 stuff is custom. Most paid relays only restrict write access but not through NIP-42, just by keeping a pubkey whitelist or other restrictions.
I believe the rust nostr relay has a NIP-42 implementation but I havenāt used it.
Thanks for the fast reply Mazin, so cool. I think I have that rust relay up and running. Docs make me wonder if the NIP-42 implementation is focussed on write rather than read. If you have custom rolled yours, was stirfry your starting point? Do you have any plans to share or license your code? I am not sure what's involved in that, I am just trying to figure out an entry point to explore further.
We use strfry for our relay backends. For AUTH that is on connect (not for a specific type of REQ) we have a fairly simple custom websocket that sits in-between. Once the user passes AUTH, you can simply connect them to strfry.
For more complicated types of access control, the middleware becomes a lot more complex as it needs to parse each request. Strfry will eventually have NIP-42 built in - it is often discussed in the strfry telegram as a desired feature. The truth is itās a complicated spec to implement for anything outside of āon connectionā and for that use case itās a poor solution (a header would be better, more like NIP-98).
Iāve ranted about this before but ultimately itās not going to change and Iāve embraced NIP-42 for the time being.
Thank you so much!
Very interested in how this might support private groups. What does a client have to do to work with one of these relays?
Right now the only thing required to use the relay is NIP-42.
Itās possible we could adapt this to work for private groups too but Iād need more details. I havenāt kept up too well with the current proposals. Are the messages in these private groups encrypted? How does moderation/access work?
I put together the inbox.nostr.wine prototype that allows anyone to write events that p-tag a user with an inbox and users with inboxes can only query notes they have authored or been p-tagged in. The main focus there is minimizing metadata leaks.
Still thinking about it, hopefully going to break ground soon. But it should work similarly, just as a place to post encrypted notes to to reduce metadata leakage. I'd also like to figure out invite codes as well, but that might not need to be special cased by the relay either.
I believe I gave your pubkey access to play with inbox.nostr.wine but let me know if you have any issues AUTHing there. Iād like to adapt that to work for most of the āprivateā use cases.
Please let me know if thereās something you need that doesnāt fit in to that current design and Iāll see what I can do to adjust it to fit.
Thanks, will do
I DMd you.
Do you accept Adult Working Creators?
Yes! Iāll send you the onboarding form.
Okay, this is really great! Many Zapit users have been asking for something like this, and it clearly has many use cases.
When your service is ready, I will also add this to NostrNet. Users will love it.
Thank you! Weāve been dragging our feet a bit getting this out because itās quite a big undertaking but itās slowly coming together now that we are onboarding creators.